package cn.flightcloud.auth.config.spring.security;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;

import cn.flightcloud.auth.config.spring.security.service.SimpleUserDetailsService;

//@EnableWebSecurity
//@Configuration
//@Order(1)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
	
	  @Override
	    protected void configure(HttpSecurity http) throws Exception { 
		  // @formatter:off
	        http.requestMatchers()
	            .antMatchers("/login", "/oauth/authorize")
	            .and()
	            .authorizeRequests()
	            .anyRequest()
	            .authenticated()
	            .and()
	            .formLogin()
	            .permitAll()
	            .and().csrf().disable();
	    } // @formatter:on

	    @Override
	    protected void configure(AuthenticationManagerBuilder auth) throws Exception { // @formatter:off
	        auth.inMemoryAuthentication()
	            .withUser("john")
	            .password(passwordEncoder().encode("123"))
	            .roles("USER");
	    } // @formatter:on

	    @Bean
	    public BCryptPasswordEncoder passwordEncoder(){
	        return new BCryptPasswordEncoder();
	    }

//	@Bean
//	@Override
//	protected UserDetailsService userDetailsService() {
//		UserDetailsService userDetailsService = new SimpleUserDetailsService();
//		return userDetailsService;
//	}
//
//	@Bean
//	@Override
//	public AuthenticationManager authenticationManager() throws Exception {
//		return super.authenticationManager();
//	}
//
//	@Bean
//	public PasswordEncoder passwordEncoder() {
//		return new BCryptPasswordEncoder();
//	}
//
//	@Override
//	public void configure(WebSecurity web) throws Exception {
//		web.ignoring().antMatchers("/css/**", "/image/**");
//	}
//
//	@Override
//	protected void configure(HttpSecurity http) throws Exception {
//		// http.requestMatchers().anyRequest()//
//		// .and().authorizeRequests().antMatchers("/oauth/*").permitAll()//
//		// .and().authorizeRequests().anyRequest().authenticated();//
//		// 任何请求,登录后可以访问
//
//		// @formatter:on
//		http.httpBasic().disable();
//		http.csrf().disable() // HTTP with Disable CSRF
//				.authorizeRequests().antMatchers("/login", "/oauth/**", "/css/**", "/image/*").permitAll()//
//				.and().formLogin().loginPage("/login")// 设置登录页面
//				.defaultSuccessUrl("/")// 设置默认登录成功跳转页面
//				.failureUrl("/login?error").permitAll()// 设置登录失败的页面
//				.and().logout().logoutUrl("/logout")// 设置logout页面
//				.and().authorizeRequests().anyRequest().authenticated();// 任何请求,登录后可以访问
////		http.addFilterBefore(filterSecurityInterceptor(),FilterSecurityInterceptor.class);
//		// @formatter:off
//	}
//
//	@Override
//	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//		auth.userDetailsService(userDetailsService()).passwordEncoder(passwordEncoder());
//	}
//
//	// 开启全局方法拦截
//	@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
//	public static class GlobalSecurityConfiguration extends GlobalMethodSecurityConfiguration {
//		@Override
//		protected MethodSecurityExpressionHandler createExpressionHandler() {
//			return new OAuth2MethodSecurityExpressionHandler();
//		}
//
//	}

}
